Corrupted sudoers file preventing me from using sudo

[mtangy]

I attempted to add another user to the sudoers list on my Raspberry Pi running Debian (Raspbian Jessie kernel ver 4.1). While doing so I entered the entry in wrong and I keep getting these errors every time I try to use sudo:

Code: Select all

>>> /etc/sudoers: syntax error near line 1 <<<
>>> /etc/sudoers: syntax error near line 1 <<<
sudo: parse error in /etc/sudoers near line 1
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin

Now I cant use sudo to run visudo to change sudoers and for some reason I cant login under root because the default root login password of "raspberry" doesn't seem to work. Does anyone know how I can login into root or change sudoers without using sudo so I don't have to re-flash the system? Any input would be much appreciated.

thanks

[JimmyN]

Root has never had a default password of 'raspberry', that would create a major security issue. Root by default has no password so you can't login as root unless you've created a password. And without sudo privileges you can't set a password for root.

If you're using a Raspbian image you could edit the "cmdline.txt" file in the boot partition, using a Windows PC, since '/boot' is a FAT partition. You could use that to have it boot into a root shell allowing you to edit the sudoers file. I don't use NOOBS so I could be wrong, but IIRC that won't work if you're using NOOBS since the first partition is "Recovery" and Windows won't even see the '/boot' partition. You'd have to edit the file using another Pi or a Linux system.

You could use another SDcard and boot the Pi with that, then put your current SDcard into a USB card reader and mount it. Then you could use sudo to edit anything you like.

When you edit the sudoers file scroll down to the bottom where you'll see the entry for "pi" and duplicate that for your new user.

Somebody else may come along with a better idea, but right now that's all I've got.

[DougieLawson]

Root has never had a default password of 'raspberry', that would create a major security issue. Root by default has no password so you can't login as root unless you've created a password. And without sudo privileges you can't set a password for root.

BZZZZT wrong!

You can set a root password with sudo passwd or sudo -i (open an interactive shell) then use the regular passwd command.

[rpdom]

You can set a root password with sudo passwd or sudo -i (open an interactive shell) then use the regular passwd command.

I think that case was covered by

without sudo privileges you can't set a password for root.

and

Now I cant use sudo

Now the OP needs to google for the reset password method, (init=/bin/bash) which will provide a recovery shell that will allow mistakes to be corrected.

[DougieLawson]

The easier recovery is with a second SDCard and a USB SDCard reader. Boot the system from a new install of Jessie, mount the damaged card and copy the /etc/sudoers file from the good card to the borked card.

visudo is there to stop any damage to /etc/sudoers by sanitising changes before they're saved back.

[mtangy]

That worked perfectly. Thanks for the help everybody

[PiDoc]

I fixed the corrupted sudoers file by mounting the microsd card in debian on my pc, mounting it, navigating to the file in terminal and editing it as root. The sudo command now works again but I uncovered another bug. It accepts a new root password using either sudo passwd or sudo su followed by passwd. However, it seems to forget the password and won't let me ssh in as root. Anyone else notice this?

[JimmyN]

That's not a bug, that's security. Root logins using SSH are disabled by default, so when using SSH you can't login as root using a password you have to use a key exchange.

[PiDoc]

I never had any such issue in Wheezy so this is new to me. I would always ssh in as pi and change the root password, exit and ssh back in as root with the new password(or sftp in for file transfers which I like to do as root). Is this key different than the Diffie-Helfman exchange that always happens when I ssh in? I'm confused...

[fsr]

ssh back in as root

Generally speaking allowing root to ssh into *nix systems is considered a very poor security practise and widely discouraged.
I know the rPi is more of a toy than a production system and thus the security may seem like overkill but you should just accept it and alter your habits because any other *nix system is going to be the same.